CVE-2022-2076

Name of the Vulnerable Software and Affected Versions Microsoft Office 365 (affected versions not specified)

Description The issue is related to an incorrect session expiration in Microsoft Office 365, potentially allowing a remote attacker to gain unauthorized access to protected information. The problem arises from session cookies that might be used by two clients simultaneously. The attack can be initiated remotely. There are doubts about the real-world consequences of this issue.

Recommendations To mitigate the issue, consider changing the configuration settings. At the moment, there is no information about a newer version that contains a fix for this vulnerability.